You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
134 lines
6.3 KiB
134 lines
6.3 KiB
diff --git a/modules/mappers/mod_rewrite.c b/modules/mappers/mod_rewrite.c
|
|
index 53fb1e9..f735c50 100644
|
|
--- a/modules/mappers/mod_rewrite.c
|
|
+++ b/modules/mappers/mod_rewrite.c
|
|
@@ -4477,20 +4477,6 @@ static rule_return_type apply_rewrite_rule(rewriterule_entry *p,
|
|
* ourself).
|
|
*/
|
|
if (p->flags & RULEFLAG_PROXY) {
|
|
- /* For rules evaluated in server context, the mod_proxy fixup
|
|
- * hook can be relied upon to escape the URI as and when
|
|
- * necessary, since it occurs later. If in directory context,
|
|
- * the ordering of the fixup hooks is forced such that
|
|
- * mod_proxy comes first, so the URI must be escaped here
|
|
- * instead. See PR 39746, 46428, and other headaches. */
|
|
- if (ctx->perdir && (p->flags & RULEFLAG_NOESCAPE) == 0) {
|
|
- char *old_filename = r->filename;
|
|
-
|
|
- r->filename = ap_escape_uri(r->pool, r->filename);
|
|
- rewritelog((r, 2, ctx->perdir, "escaped URI in per-dir context "
|
|
- "for proxy, %s -> %s", old_filename, r->filename));
|
|
- }
|
|
-
|
|
fully_qualify_uri(r);
|
|
|
|
rewritelog((r, 2, ctx->perdir, "forcing proxy-throughput with %s",
|
|
@@ -5013,7 +4999,7 @@ static int hook_uri2file(request_rec *r)
|
|
}
|
|
if ((r->args != NULL)
|
|
&& ((r->proxyreq == PROXYREQ_PROXY)
|
|
- || (rulestatus == ACTION_NOESCAPE))) {
|
|
+ || apr_table_get(r->notes, "proxy-nocanon"))) {
|
|
/* see proxy_http:proxy_http_canon() */
|
|
r->filename = apr_pstrcat(r->pool, r->filename,
|
|
"?", r->args, NULL);
|
|
@@ -5304,13 +5290,28 @@ static int hook_fixup(request_rec *r)
|
|
if (to_proxyreq) {
|
|
/* it should go on as an internal proxy request */
|
|
|
|
- /* make sure the QUERY_STRING and
|
|
- * PATH_INFO parts get incorporated
|
|
+ /* check if the proxy module is enabled, so
|
|
+ * we can actually use it!
|
|
+ */
|
|
+ if (!proxy_available) {
|
|
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10160)
|
|
+ "attempt to make remote request from mod_rewrite "
|
|
+ "without proxy enabled: %s", r->filename);
|
|
+ return HTTP_FORBIDDEN;
|
|
+ }
|
|
+
|
|
+ if (rulestatus == ACTION_NOESCAPE) {
|
|
+ apr_table_setn(r->notes, "proxy-nocanon", "1");
|
|
+ }
|
|
+
|
|
+ /* make sure the QUERY_STRING gets incorporated in the case
|
|
+ * [NE] was specified on the Proxy rule. We are preventing
|
|
+ * mod_proxy canon handler from incorporating r->args as well
|
|
+ * as escaping the URL.
|
|
* (r->path_info was already appended by the
|
|
* rewriting engine because of the per-dir context!)
|
|
*/
|
|
- if (r->args != NULL) {
|
|
- /* see proxy_http:proxy_http_canon() */
|
|
+ if ((r->args != NULL) && apr_table_get(r->notes, "proxy-nocanon")) {
|
|
r->filename = apr_pstrcat(r->pool, r->filename,
|
|
"?", r->args, NULL);
|
|
}
|
|
@@ -5610,10 +5611,7 @@ static void ap_register_rewrite_mapfunc(char *name, rewrite_mapfunc_t *func)
|
|
|
|
static void register_hooks(apr_pool_t *p)
|
|
{
|
|
- /* fixup after mod_proxy, so that the proxied url will not
|
|
- * escaped accidentally by mod_proxy's fixup.
|
|
- */
|
|
- static const char * const aszPre[]={ "mod_proxy.c", NULL };
|
|
+ static const char * const aszModProxy[] = { "mod_proxy.c", NULL };
|
|
|
|
/* make the hashtable before registering the function, so that
|
|
* other modules are prevented from accessing uninitialized memory.
|
|
@@ -5625,10 +5623,12 @@ static void register_hooks(apr_pool_t *p)
|
|
ap_hook_pre_config(pre_config, NULL, NULL, APR_HOOK_MIDDLE);
|
|
ap_hook_post_config(post_config, NULL, NULL, APR_HOOK_MIDDLE);
|
|
ap_hook_child_init(init_child, NULL, NULL, APR_HOOK_MIDDLE);
|
|
-
|
|
- ap_hook_fixups(hook_fixup, aszPre, NULL, APR_HOOK_FIRST);
|
|
+
|
|
+ /* allow to change the uri before mod_proxy takes over it */
|
|
+ ap_hook_translate_name(hook_uri2file, NULL, aszModProxy, APR_HOOK_FIRST);
|
|
+ /* fixup before mod_proxy so that a [P] URL gets fixed up there */
|
|
+ ap_hook_fixups(hook_fixup, NULL, aszModProxy, APR_HOOK_FIRST);
|
|
ap_hook_fixups(hook_mimetype, NULL, NULL, APR_HOOK_LAST);
|
|
- ap_hook_translate_name(hook_uri2file, NULL, NULL, APR_HOOK_FIRST);
|
|
}
|
|
|
|
/* the main config structure */
|
|
diff --git a/modules/proxy/mod_proxy.c b/modules/proxy/mod_proxy.c
|
|
index 8f13e68..bd0aa68 100644
|
|
--- a/modules/proxy/mod_proxy.c
|
|
+++ b/modules/proxy/mod_proxy.c
|
|
@@ -3344,27 +3344,26 @@ static int proxy_pre_config(apr_pool_t *pconf, apr_pool_t *plog,
|
|
}
|
|
static void register_hooks(apr_pool_t *p)
|
|
{
|
|
- /* fixup before mod_rewrite, so that the proxied url will not
|
|
- * escaped accidentally by our fixup.
|
|
- */
|
|
- static const char * const aszSucc[] = { "mod_rewrite.c", NULL};
|
|
/* Only the mpm_winnt has child init hook handler.
|
|
* make sure that we are called after the mpm
|
|
* initializes.
|
|
*/
|
|
static const char *const aszPred[] = { "mpm_winnt.c", "mod_proxy_balancer.c",
|
|
"mod_proxy_hcheck.c", NULL};
|
|
+ static const char * const aszModRewrite[] = { "mod_rewrite.c", NULL };
|
|
+
|
|
/* handler */
|
|
ap_hook_handler(proxy_handler, NULL, NULL, APR_HOOK_FIRST);
|
|
/* filename-to-URI translation */
|
|
ap_hook_pre_translate_name(proxy_pre_translate_name, NULL, NULL,
|
|
APR_HOOK_MIDDLE);
|
|
- ap_hook_translate_name(proxy_translate_name, aszSucc, NULL,
|
|
+ /* mod_rewrite has a say on the uri before proxy translation */
|
|
+ ap_hook_translate_name(proxy_translate_name, aszModRewrite, NULL,
|
|
APR_HOOK_FIRST);
|
|
/* walk <Proxy > entries and suppress default TRACE behavior */
|
|
ap_hook_map_to_storage(proxy_map_location, NULL,NULL, APR_HOOK_FIRST);
|
|
- /* fixups */
|
|
- ap_hook_fixups(proxy_fixup, NULL, aszSucc, APR_HOOK_FIRST);
|
|
+ /* fixup after mod_rewrite so that a [P] URL from there gets fixed up */
|
|
+ ap_hook_fixups(proxy_fixup, aszModRewrite, NULL, APR_HOOK_FIRST);
|
|
/* post read_request handling */
|
|
ap_hook_post_read_request(proxy_detect, NULL, NULL, APR_HOOK_FIRST);
|
|
/* pre config handling */
|